This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/8f2777-1899-4a35-b284-a62af286f9b3/1/Y2rIYreLOiywxBX2z6aRfWF7q04.roa
File:                     Y2rIYreLOiywxBX2z6aRfWF7q04.roa (raw, json)
Hash identifier:          dpqG15krdpxJUlUEVSBqVv3+kw/A6MahmXEVhi6w3cg=
Subject key identifier:   63:6A:C8:62:B7:8B:3A:2C:B0:C4:15:F6:CF:A6:91:7D:61:7B:AB:4E
Certificate issuer:       /CN=203b3ab8d9011439d4ba84dfd4afe616d4196cc4
Certificate serial:       019B7C1289FB700E1230B57E4997400729D3
Authority key identifier: 20:3B:3A:B8:D9:01:14:39:D4:BA:84:DF:D4:AF:E6:16:D4:19:6C:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IDs6uNkBFDnUuoTf1K_mFtQZbMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/8f2777-1899-4a35-b284-a62af286f9b3/1/Y2rIYreLOiywxBX2z6aRfWF7q04.roa
Signing time:             Fri 02 Jan 2026 00:19:08 +0000
ROA not before:           Fri 02 Jan 2026 00:19:08 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     200780
IP address blocks:        185.204.190.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/8f2777-1899-4a35-b284-a62af286f9b3/1/IDs6uNkBFDnUuoTf1K_mFtQZbMQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/8f2777-1899-4a35-b284-a62af286f9b3/1/IDs6uNkBFDnUuoTf1K_mFtQZbMQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IDs6uNkBFDnUuoTf1K_mFtQZbMQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:12:89:fb:70:0e:12:30:b5:7e:49:97:40:07:29:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=203b3ab8d9011439d4ba84dfd4afe616d4196cc4
        Validity
            Not Before: Jan  2 00:19:08 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=636ac862b78b3a2cb0c415f6cfa6917d617bab4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:4e:04:74:c4:fa:b0:39:c0:7b:88:7a:95:2e:
                    ac:33:4b:72:7e:81:81:8c:8e:52:16:a1:82:f4:82:
                    98:3c:cb:96:b3:25:29:a4:d9:89:1d:18:7d:92:6f:
                    e7:c6:fc:6d:e0:52:10:31:60:30:e7:27:6c:18:65:
                    9f:a4:72:3a:6a:00:2b:14:b6:c5:f5:a6:68:b4:d3:
                    c8:17:bf:10:13:7e:bc:f0:84:88:31:1c:23:f8:86:
                    df:30:33:d2:7a:36:58:98:f9:be:90:4f:17:02:38:
                    87:0d:07:dc:7b:6c:8b:52:e9:08:67:36:ec:64:5b:
                    af:b6:cc:26:ca:ec:2d:89:fb:cc:58:20:35:2e:8d:
                    01:f4:ec:90:0b:4c:48:7a:18:e6:ae:61:ee:76:dc:
                    76:9c:6b:cb:95:39:f2:01:c2:99:50:22:fa:27:2c:
                    6f:ef:2c:62:3c:2b:85:50:54:e1:17:28:86:52:a4:
                    d0:14:1c:12:0d:74:98:87:1f:1a:0f:af:a5:b2:fb:
                    80:46:70:93:07:a0:2d:c2:db:dc:bd:4d:bc:5c:a6:
                    b5:1b:6c:cb:14:a1:1a:61:ba:35:0a:46:57:71:85:
                    86:f3:39:b1:ee:f1:c6:2d:5c:62:2d:43:2f:4e:14:
                    b5:a5:fd:8b:15:5b:e3:41:48:d4:0f:55:27:71:26:
                    1a:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:6A:C8:62:B7:8B:3A:2C:B0:C4:15:F6:CF:A6:91:7D:61:7B:AB:4E
            X509v3 Authority Key Identifier:
                keyid:20:3B:3A:B8:D9:01:14:39:D4:BA:84:DF:D4:AF:E6:16:D4:19:6C:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDs6uNkBFDnUuoTf1K_mFtQZbMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/8f2777-1899-4a35-b284-a62af286f9b3/1/Y2rIYreLOiywxBX2z6aRfWF7q04.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/8f2777-1899-4a35-b284-a62af286f9b3/1/IDs6uNkBFDnUuoTf1K_mFtQZbMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.204.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:dd:16:b8:58:17:57:00:e4:59:98:d8:34:03:d7:74:d3:4d:
         2b:be:cc:af:6f:cc:6b:ef:cf:bf:3a:1c:bd:7e:36:e9:50:58:
         c2:ec:ec:de:7b:25:3b:9a:27:43:51:a6:a1:a8:d1:94:79:be:
         8c:ac:ec:c2:3d:46:08:35:c4:90:78:59:92:b0:97:f8:c0:2b:
         9c:2f:78:d2:8f:a0:c2:68:11:86:9c:2b:c9:26:bc:f0:78:dc:
         c9:aa:a6:97:62:af:60:1e:6f:b6:23:9e:71:0d:3c:1e:c1:36:
         a4:28:6c:ae:04:16:fd:59:21:a1:e9:e8:84:ff:5f:08:12:f6:
         53:a5:9a:9d:df:9a:24:89:8c:83:8f:3e:b9:a8:57:8b:3b:52:
         30:91:54:21:74:4b:57:dd:68:5d:39:0a:eb:5f:7f:4c:ae:91:
         d5:03:c1:5f:f6:9c:e8:87:f0:bb:41:56:96:13:d5:34:47:65:
         7d:1f:5f:03:a9:99:63:4a:1b:c2:ce:57:d1:3b:0e:a8:67:85:
         7d:45:94:9e:2e:b5:84:47:b2:49:8b:bb:a3:28:4e:6c:37:be:
         af:0b:7d:2c:eb:de:94:41:31:67:5b:ff:2c:a0:63:45:2e:f8:
         ef:3c:42:c0:a5:7d:3e:e0:37:18:da:d2:57:7f:58:7c:c8:14:
         dd:e0:71:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8Eon7cA4SMLV+SZdABynTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwM2IzYWI4ZDkwMTE0MzlkNGJhODRkZmQ0YWZlNjE2ZDQx
OTZjYzQwHhcNMjYwMTAyMDAxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzZhYzg2MmI3OGIzYTJjYjBjNDE1ZjZjZmE2OTE3ZDYxN2JhYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA204EdMT6sDnAe4h6lS6sM0tyfoGB
jI5SFqGC9IKYPMuWsyUppNmJHRh9km/nxvxt4FIQMWAw5ydsGGWfpHI6agArFLbF
9aZotNPIF78QE3688ISIMRwj+IbfMDPSejZYmPm+kE8XAjiHDQfce2yLUukIZzbs
ZFuvtswmyuwtifvMWCA1Lo0B9OyQC0xIehjmrmHudtx2nGvLlTnyAcKZUCL6Jyxv
7yxiPCuFUFThFyiGUqTQFBwSDXSYhx8aD6+lsvuARnCTB6AtwtvcvU28XKa1G2zL
FKEaYbo1CkZXcYWG8zmx7vHGLVxiLUMvThS1pf2LFVvjQUjUD1UncSYaXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNqyGK3izossMQV9s+mkX1he6tOMB8GA1UdIwQY
MBaAFCA7OrjZARQ51LqE39Sv5hbUGWzEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURzNnVOa0JGRG5VdW9UZjFLX21GdFFaYk1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84ZjI3NzctMTg5OS00YTM1LWIyODQt
YTYyYWYyODZmOWIzLzEvWTJySVlyZUxPaXl3eEJYMno2YVJmV0Y3cTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84ZjI3NzctMTg5OS00YTM1LWIyODQtYTYyYWYyODZmOWIz
LzEvSURzNnVOa0JGRG5VdW9UZjFLX21GdFFaYk1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucy+MA0G
CSqGSIb3DQEBCwUAA4IBAQBi3Ra4WBdXAORZmNg0A9d0000rvsyvb8xr78+/Ohy9
fjbpUFjC7OzeeyU7midDUaahqNGUeb6MrOzCPUYINcSQeFmSsJf4wCucL3jSj6DC
aBGGnCvJJrzweNzJqqaXYq9gHm+2I55xDTwewTakKGyuBBb9WSGh6eiE/18IEvZT
pZqd35okiYyDjz65qFeLO1IwkVQhdEtX3WhdOQrrX39MrpHVA8Ff9pzoh/C7QVaW
E9U0R2V9H18DqZljShvCzlfROw6oZ4V9RZSeLrWER7JJi7ujKE5sN76vC30s696U
QTFnW/8soGNFLvjvPELApX0+4DcY2tJXf1h8yBTd4HGs
-----END CERTIFICATE-----